[Samba] Transfer of FSMO roles

Rowland Penny rowlandpenny241155 at gmail.com
Tue Aug 25 06:57:03 UTC 2015


On 25/08/15 03:46, John Gardeniers wrote:
> I just transferred all the FSMO roles from DC-MIGRATE to DC1:

Unfortunately, no you didn't, if you have read the wiki page, you will 
now know there are 7 FSMO roles.

>
> [root at dc1 ~]# samba-tool fsmo transfer --role=all
> FSMO transfer of 'rid' role successful
> FSMO transfer of 'pdc' role successful
> FSMO transfer of 'naming' role successful
> FSMO transfer of 'infrastructure' role successful
> FSMO transfer of 'schema' role successful
>
> I then double checked as follows:
>
> [root at dc1 ~]# samba-tool fsmo show
> InfrastructureMasterRole owner: CN=NTDS 
> Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=omtest,DC=com
> RidAllocationMasterRole owner: CN=NTDS 
> Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=omtest,DC=com
> PdcEmulationMasterRole owner: CN=NTDS 
> Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=omtest,DC=com
> DomainNamingMasterRole owner: CN=NTDS 
> Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=omtest,DC=com
> SchemaMasterRole owner: CN=NTDS 
> Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=omtest,DC=com
>
> Looks good but when I run this:
>
> [root at dc1 ~]# ldbsearch --cross-ncs -H /var/lib/samba/private/sam.ldb 
> -b "CN=Infrastructure,DC=DomainDnsZones,DC=omtest,DC=com" -s base 
> fsmoroleowner
> # record 1
> dn: CN=Infrastructure,DC=DomainDnsZones,DC=omtest,DC=com
> fSMORoleOwner: CN=NTDS 
> Settings,CN=DC-MIGRATE,CN=Servers,CN=Default-First-Site
>  -Name,CN=Sites,CN=Configuration,DC=omtest,DC=com
>
> You'll notice that this time it still lists DC-MIGRATE as the role 
> owner (I didn't bother running this for the other roles). I re-ran the 
> command again half an hour later, thinking that perhaps this just need 
> a little time to settle, but got the same results.
>
> Does this indicate a problem that I need to resolve? If so, how do I 
> resolve it?
>

Yes, you have a problem, to resolve it, you can either wait until 4.3.0 
comes out and then upgrade, you will then be able to transfer all 7 
roles, or (I never said this) download the latest 4.3.0rc tarball use 
the fsmo.py on your machine.


> Incidentally, the link for " FSMO role management using the Windows 
> GUI" on
> https://wiki.samba.org/index.php/Flexible_Single-Master_Operations_(FSMO)_roles 
> is broken.

Fixed

Rowland
>
> regards,
> John
>




More information about the samba mailing list